Login
    Contenu x
    userQuery (Command)
    • 17 Dec 2024
    • 4 Minutes à lire
    • Sombre
      Lumière
    • PDF
    Contenu

    userQuery (Command)

    • Mis à jour le 17 Dec 2024
    • 4 Minutes à lire
    • Sombre
      Lumière
    • PDF
    The content is currently unavailable in French. You are viewing the default English version.
    Résumé de l’article

    The userQuery command allows querying user accounts that match specified search criteria.

    Parameters

      Table:  userQuery input parameters (SOAP administration)
    Parameter nameData typeDescription

    sessionID

    String

    Required. The session identifier of the current administrative session. The logon command returns this identifier after a successful logon (see  logon (Command)).

    attributeSet

    UserAttributeSet

    Required. A set containing zero or more attribute fields that specify the query search criteria. See  UserAttributeSet (Data type).

    fieldSet

    UserFieldSet

    Optional. Specifies the attribute fields to be returned for all the records matching the search criteria. See  UserFieldSet (Data type).

    If fieldSet is omitted, all possible output parameters are returned. If a user attribute field is not set in the database, it is not returned for that specific user account.

    queryOptions

    UserQueryOptions

    Optional. Options to determine what results should be returned. See  UserQueryOptions (Data type).

      Table:  userQuery output parameters (SOAP administration)
    Parameter nameData typeDescription

    results

    UserQueryResults

    Required. Result structure containing return and status codes and a list of zero or more result attribute fields. See  UserQueryResults (Data type).

    UserAttributeSet (Data type)

    The attributes specified in this attribute set define the search criteria.

    Search attribute fields are interpreted as follows:

    • Wildcards are only accepted when the USERFLD_TO_USERID and USERFLD_TO_DOMAIN attributes are not set.
    • A wildcard character (*) can be added to the values at the start, the end, or both. They will be interpreted as the SQL LIKE statement.

    • A list of comma-separated values can be specified for the attribute that specifies the domain name. In this case it will be interpreted as the logical OR of the given values.

      You cannot use wildcard characters in comma-separated values.

    • If none of the above applies, the search will be done using the exact match of the given value.
      Table:  UserAttributeSet (Data type)
    Element nameData typeDescription
    attributesUserAttribute

    Attributes specifying the user query search criteria (see Table: UserAttribute (Data type)).

      Table:  UserAttribute (Data type)
    Element nameData typeDescription
    attributeOptionsAttributeOptions

    Specifies how to handle the attribute value during request processing, where each option is added as a single element to attributeOptions, e.g.:

      <negative>true</negative>

    Supported values:

    • negative. Indicates that the specified user attribute value should not be equal to the one specified.
    • null. Indicates that the specified attribute should be handled as zero-value.
    valueAnyThe attribute value. The data type has to be specified by setting the xsi:type XML attribute.
    attributeIDUserAttributeIDEnumThe attribute identifier (see Table: userQuery (Supported input attributes)).
      Table:  userQuery (Supported input attributes)
    Attribute nameOptionality
    USERFLD_ADMIN_PRIVILEGESOptional
    USERFLD_ASSIGNED_DIGIPASS

    Optional

    USERFLD_CREATE_TIMEOptional
    USERFLD_DESCRIPTIONOptional
    USERFLD_DISABLEDOptional
    USERFLD_DOMAINOptional
    USERFLD_EMAILOptional
    USERFLD_EXPIREDOptional
    USERFLD_HAS_DPOptional
    USERFLD_LAST_PASSWORD_SET_TIMEOptional
    USERFLD_LASTAUTH_TIMEOptional
    USERFLD_LOCKEDOptional
    USERFLD_MOBILEOptional
    USERFLD_MODIFY_TIMEOptional
    USERFLD_ORGANIZATIONAL_UNITOptional
    USERFLD_PHONEOptional
    USERFLD_SEARCH_DOWN_OU_PATHOptional
    USERFLD_TO_DOMAINOptional
    USERFLD_TO_USERIDOptional
    USERFLD_USE_DP_FROM_USER_DOMAINOptional
    USERFLD_USE_DP_FROM_USER_IDOptional
    USERFLD_USER_INACT_DAYSOptional
    USERFLD_USERIDOptional
    USERFLD_USERNAMEOptional

    For more information about the specific attributes, see Table: userExecute field attributes.

    UserFieldSet (Data type)

    The attributes specified in the fieldSet parameter specify the user attribute fields OneSpan Authentication Server should return for the users accounts matching the search criteria.

    If fieldSet is omitted, all possible output parameters are returned. If an attribute field is not set in the database, it is not returned for that specific record.

      Table:  UserFieldSet (Data type)
    Element nameData typeDescription
    attributeIDUserAttributeIDEnum

    The identifier of an attribute to return (see Table: userQuery (Supported output attributes)).

      Table:  userQuery (Supported output attributes)
    Attribute nameReturned?
    USERFLD_ADMIN_PRIVILEGESIf defined
    USERFLD_ASSIGNED_DIGIPASS

    If defined

    USERFLD_BACKEND_AUTHIf defined
    USERFLD_CREATE_TIMEIf defined
    USERFLD_DESCRIPTIONIf defined
    USERFLD_DISABLEDIf defined
    USERFLD_DOMAINIf defined
    USERFLD_EMAILIf defined
    USERFLD_EXPIREDIf defined
    USERFLD_HAS_DPIf defined
    USERFLD_LAST_PASSWORD_SET_TIMEIf defined
    USERFLD_LASTAUTH_TIMEIf defined
    USERFLD_LASTAUTHREQ_TIMEIf defined
    USERFLD_LOCAL_AUTHIf defined
    USERFLD_LOCKEDIf defined
    USERFLD_MOBILEIf defined
    USERFLD_MODIFY_TIMEIf defined
    USERFLD_OFFLINE_AUTH_ENABLEDIf defined
    USERFLD_ORGANIZATIONAL_UNITIf defined
    USERFLD_PHONEIf defined
    USERFLD_STATUSIf defined
    USERFLD_USE_DP_FROM_USER_DOMAINIf defined
    USERFLD_USE_DP_FROM_USER_IDIf defined
    USERFLD_USER_INACT_DAYSIf defined
    USERFLD_USERIDIf defined
    USERFLD_USERNAMEIf defined
    USERFLD_VDP_DELIVERY_METHODIf defined
    USERFLD_VDP_MDC_PROFILEIf defined
    USERFLD_VDP_SIGN_DELIVERY_METHODIf defined
    USERFLD_VDP_SIGN_MDC_PROFILEIf defined

    For more information about the specific attributes, see Table: userExecute field attributes.

    UserQueryOptions (Data type)

    This data type determines what results should be returned.

      Table: QueryOptions (Data type)
    Element nameData typeDescription

    count

    Boolean

    Flag to request OneSpan Authentication Server to return only the number of records in the result set, but not the result set itself.

    Default value: false

    distinct

    Boolean

    Flag to request OneSpan Authentication Server to return only unique query results.

    Default value: false

    rowcount

    Unsigned Integer

    Option to request OneSpan Authentication Server to return the specified number of result records, beginning with the record specified by rowoffset.

    If set to 0, all result records are returned.

    Default value: 0

    rowoffset

    Unsigned Integer

    Option to request OneSpan Authentication Server to return result records starting from the specified offset. Can only be used together with rowcount.

    Default value: 0

    sortfieldidString

    Optional. Required if you specify SortOrder. Determines the field attribute to use as sort key when sorting the result set using SortOrder. May contain any field attribute from the FieldSet parameter.

    sortorderString

    Optional. Determines the sort order of the result set. By default, the result set is unsorted.

    Possible values:

    • QUERYOPTIONSORTORDER_ASCENDING. Result set in ascending order.
    • QUERYOPTIONSORTORDER_DESCENDING. Result set in descending order.

    UserQueryResults (Data type)

      Table:  UserQueryResults (Data type)
    Element nameData typeDescription

    resultCodes

    ResultCodes

    Required. The result and status codes returned by the command.

    resultAttributeUserAttributeListRequired. List containing the queried user attributes. Each item of type UserAttributeSet.
    resultCountIntegerRequired. The number of items in resultAttribute.
    errorStackErrorStackRequired. The error stack, indicating that the command has not completed successfully.

    Example

    Retrieve the user ID and domain of jane.doe:

    <?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Header/>
  <SOAP-ENV:Body>
    <adm:userQuery xmlns:adm= "http://www.vasco.com/IdentikeyServer/IdentikeyTypes/Administration" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <sessionID>3JSK8cmRjw4E30wAA=0nUTL-~3fmifTO</sessionID>
      <attributeSet>
        <attributes>
          <value xsi:type="xsd:string">jane.doe</value>
          <attributeID>USERFLD_USERID</attributeID>
        </attributes>
      </attributeSet>
      <fieldSet>
        <attributeID>USERFLD_USERID</attributeID>
        <attributeID>USERFLD_DOMAIN</attributeID>
      </fieldSet>
    </adm:userQuery>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

    Retrieve a list of all administrative user accounts (user ID and domain):

    <?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Header/>
  <SOAP-ENV:Body>
    <adm:userQuery xmlns:adm= "http://www.vasco.com/IdentikeyServer/IdentikeyTypes/Administration" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <sessionID>3JSK8cmRjw4E30wAA=0nUTL-~3fmifTO</sessionID>
      <attributeSet>
        <attributes>
          <attributeOptions>
            <negative>true</negative>
            <null>true</null>
          </attributeOptions>
          <value xsi:type="xsd:base64Binary">0</value>
          <attributeID>USERFLD_ADMIN_PRIVILEGES</attributeID>
        </attributes>
      </attributeSet>
      <fieldSet>
        <attributeID>USERFLD_USERID</attributeID>
        <attributeID>USERFLD_DOMAIN</attributeID>
      </fieldSet>
    </adm:userQuery>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

    Requirements

    Required administrative privileges:

    • View Administrative Privileges (to use USERFLD_ADMIN_PRIVILEGES as input parameter)
    • View User

    Additional considerations

    After upgrading OneSpan Authentication Server, server data is continuously migrated while the already-upgraded OneSpan Authentication Server service is running. Until data migration has been completed, the result of a query command may be incomplete and may include both migrated and non-migrated data. This means that values for new data fields may be missing or not set correctly in the query result.

    Cet article vous a-t-il été utile ?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle